File sqlcipher.changes of Package sqlcipher
-------------------------------------------------------------------
Mon Dec 9 09:41:59 UTC 2024 - Martin Pluskal <mpluskal@suse.com>
- Update to version 4.6.1:
* Updates baseline to upstream SQLite 3.46.1
* Significant refactor to merge crypto.h, crypto.c, and crypto_impl.c into a single sqlcipher.c source file for simplicity.
* Updates minimum working set size on windows to increase lockable pages
* Adds new PRAGMA cipher_log_source for filtering log output on higher verbosity levels
* Improves log output by including the log level and source prior to message
* Improves error logging in PRAGMA cipher_migrate
* Fixes issue where log level and target would be overwritten if set prior to initialization
* Corrects Podspec license element to use specific BSD 3 Clause
* Fixes default log output to console for macOS
-------------------------------------------------------------------
Mon Jul 22 08:56:24 UTC 2024 - Martin Pluskal <mpluskal@suse.com>
- Update to version 4.6.0:
* Sets default log level to WARN
* Sends default log output to: logcat for Android; Console for iOS and macOS; and stderr for all other platforms
* General improvements to log level assignments, output, and sanitization
* Fixes Apple Privacy Manifest by removing empty NSPrivacyCollectedDataType from PrivacyInfo.xcprivacy
* Moves Swift support defines for podspec user_target_xcconfig so they only apply to the consuming project
-------------------------------------------------------------------
Tue Feb 6 13:40:40 UTC 2024 - Andrea Manzini <andrea.manzini@suse.com>
- Update to version 4.5.6:
* Updates baseline to upstream SQLite 3.44.2
* Improve PRAGMA cipher_integrity check to report expected page size if invalid
* Implement PRAGMA page_size compatibility with PRAGMA cipher_page_size so both will operate properly on encrypted databases
* Updates LICENSE.md with SQLCipher license to avoid ambiguity and remove redundance
-------------------------------------------------------------------
Tue Nov 14 16:24:37 UTC 2023 - Martin Pluskal <mpluskal@suse.com>
- Update to version 4.5.5:
* Updates baseline to upstream SQLite 3.42.0
* Does not allow key to be set again on a connection after it has been successfully used for an encryption or decryption operation to prevent accidental database corruption
* Raises an error if a rekey operation is attempted on an unencrypted database
* Raises an error when a key or rekey operation is passed an empty key
* Minor improvements to constant time functions
* Miscellaneous code and comment cleanup
-------------------------------------------------------------------
Thu May 18 06:14:17 UTC 2023 - Martin Pluskal <mpluskal@suse.com>
- Update to version 4.5.4:
* Updates baseline to upstream SQLite 3.41.2
* Updates minimum Apple SDK versions in podspec for new Xcode compatibility
* Return runtime OpenSSL version from PRAGMA cipher_provider_version (instead of hardcoded value)
* Adds guard against zero block size and crash if cryptographic provider initialization fails
* When an ATTACH occurs creating a new encrypted database as the first operation after keying the main database, the new database will have the same salt value.
-------------------------------------------------------------------
Wed Mar 8 10:27:23 UTC 2023 - Martin Pluskal <mpluskal@suse.com>
- Build AVX2 enabled hwcaps library for x86_64-v3
-------------------------------------------------------------------
Fri Dec 23 16:55:56 UTC 2022 - Dirk Müller <dmueller@suse.com>
- update to 4.5.3:
* Updates baseline to upstream SQLite 3.39.4
-------------------------------------------------------------------
Wed Aug 17 19:43:40 UTC 2022 - Dirk Müller <dmueller@suse.com>
- update to 4.5.2:
* Updates source code baseline to upstream SQLite 3.39.2
* Simplifies OpenSSL version conditional code
* Fixes issue where PRAGMA cipher_memory_security could report OFF when it was actually ON
* Fixes fix unfreed OpenSSL allocation when compiled against version 3
* Fixes support for building against recent versions of BoringSSL
-------------------------------------------------------------------
Thu Mar 24 07:48:03 UTC 2022 - Dirk Müller <dmueller@suse.com>
- update to 4.5.1:
* Updates source code baseline to upstream SQLite 3.37.2
* Adds PRAGMA cipher_log and cipher_log_level features to allow logging of
TRACE, DEBUG, INFO, WARN, and ERROR messages to stdout, stderr, file, or
logcat
* Modifies PRAGMA cipher_profile to use sqlite3_trace_v2 and adds logcat
target for Android
* Updates OpenSSL provider to use EVP_MAC API with version 3+
* Adds new PRAGMA cipher_test_on, cipher_test_off, and cipher_test_rand
(available when compiled with -DSQLCIPHER_TEST) to facilitate simulation of
error conditions
* Fixes PRAGMA cipher_integrity_check to work properly with databases larger
that 2GB
* Fixes missing munlock before free for context internal buffer
-------------------------------------------------------------------
Wed Feb 9 09:02:47 UTC 2022 - Martin Pluskal <mpluskal@suse.com>
- More relaxed dependencies on tcl (boo#1195711)
-------------------------------------------------------------------
Mon Dec 13 12:23:54 UTC 2021 - Martin Pluskal <mpluskal@suse.com>
- Update to version 4.5.0:
* Updates baseline to upstream SQLite 3.36.0
* Changes the enhanced memory security feature to be DISABLED by default; once enabled by PRAGMA cipher_memory_security = ON, it can't be turned off for the lifetime of the process
* Changes PRAGMA cipher_migrate to permanently enter an error state if a migration fails
* Fixes memory locking/unlocking issue with realloc implementation on hardened runtimes when memory security is enabled
* Fixes cipher_migrate to cleanup the temporary database if a migration fails
* Removes logging of non-string pointers when compiling with trace level logging
-------------------------------------------------------------------
Tue Apr 13 09:09:16 UTC 2021 - Martin Pluskal <mpluskal@suse.com>
- Update to version 4.4.3:
* Updates baseline to ustream SQLite 3.34.1
* Fixes sqlcipher_export handling of NULL parameters
* Removes randomization of rekey-delete tests to avoid false test failures
* Changes internal usage of sqlite_master to sqlite_schema
* Omits unusued profiling function under certain defines to avoid compiler warnings
-------------------------------------------------------------------
Thu Jan 28 23:43:16 UTC 2021 - Dirk Müller <dmueller@suse.com>
- update to 4.4.2:
- Improve error handling to resolve potential corruption if an encryption
operation failed while operating in WAL mode
- Changes to OpenSSL library cryptographic provider to reduce initialization
complexity
- Adjust cipher_integrity_check to skip locking page to avoid a spurious error
report for very large databases
- Miscellaneous code and comment cleanup
- Updates baseline to upstream SQLite 3.33.0
- Fixes double-free bug in cipher_default_plaintext_header_size
- Changes SQLCipher tests to use suite runner
- Improvement to cipher_integrity_check tests to minimize false negatives
- Deprecates PRAGMA cipher_store_pass
-------------------------------------------------------------------
Mon Oct 26 09:59:11 UTC 2020 - Dirk Mueller <dmueller@suse.com>
- update to 4.4.0:
- Updates baseline to upstream SQLite 3.31.0
- Adjusts shell to report SQLCipher version alongside SQLite version
- Fixes various build warnings under several compilers
- Removes unused id and status functions from provider interface
-------------------------------------------------------------------
Fri Apr 17 09:04:13 UTC 2020 - Martin Pluskal <mpluskal@suse.com>
- Update to version 4.3.0:
* Updates baseline to upstream SQLite 3.30.1
* PRAGMA key now returns text result value "ok" after execution
* Adjusts backup API so that encrypted to encrypted backups are
permitted
* Adds NSS crypto provider implementation
* Fixes OpenSSL provider compatibility with BoringSSL
* Separates memory related traces to reduce verbosity of logging
* Fixes output of PRAGMA cipher_integrity_check on big endian
platforms
* Cryptograpic provider interface cleanup
* Rework of mutex allocation and management
* Resolves miscellaneous build warnings
* Force error state at database pager level if SQLCipher
initialization fails
-------------------------------------------------------------------
Fri Oct 25 11:53:56 UTC 2019 - Martin Pluskal <mpluskal@suse.com>
- Update to version 4.2.0:
* Adds PRAGMA cipher_integrity_check to perform independent
verification of page HMACs
* Updates baseline to upstream SQLite 3.28.0
* Improves PRAGMA cipher_migrate to handle keys containing
non-terminating zero bytes
-------------------------------------------------------------------
Mon May 13 07:57:02 UTC 2019 - Paolo Stivanin <info@paolostivanin.com>
- Update to v4.1.0:
* Adds PRAGMA cipher_settings to query current database
codec settings
* Adds PRAGMA cipher_default_settings to query current
default SQLCipher options
* PRAGMA cipher_hmac_pgno is now deprecated
* PRAGMA cipher_hmac_salt_mask is now deprecated
* PRAGMA fast_kdf_iter is now deprecated
* Disable backup API for encrypted databases (this was
previously documented as not-working and non-supported,
but will now explicitly error out on initialization)
* Default page size for databases increased to 4096 bytes
(up from 1024)
* Default PBKDF2 iterations increased to 256,000
(up from 64,000)
* Default KDF algorithm is now PBKDF2-HMAC-SHA512
(from PBKDF2-HMAC-SHA1)
* Default HMAC algorithm is now HMAC-SHA512 (from HMAC-SHA1)
* PRAGMA cipher is now disabled and no longer supported
(after multi-year deprecation)
* PRAGMA rekey_cipher is now disabled and no longer supported
* PRAGMA rekey_kdf_iter is now disabled and no longer
supported
* By default all memory allocated internally by SQLite before
the memory is wiped before it is freed
* PRAGMA cipher_memory_security: allows full memory wiping
to be disabled for performance when the feature is
not required
* PRAGMA cipher_kdf_algorithm, cipher_default_kdf_algorithm
to control KDF algorithm selection between PBKDF2-HMAC-SHA1,
PBKDF2-HMAC-SHA256 and PBKDF2-HMAC-SHA512
* PRAGMA cipher_hmac_algorithm, cipher_default_hmac_algorithm
to control HMAC algorithm selection between HMAC-SHA1,
HMAC-SHA256 and PBKDF2-HMAC-SHA512
* When compiled with readline support, PRAGMA key and rekey
lines will no longer be saved to history
* Adds second optional parameter to sqlcipher_export to specify
source database to support bidirectional exports
* PRAGMA cipher_plaintext_header_size and
cipher_default_plaintext_header_size: allocates a portion of
the database header which will not be encrypted to allow
identification as a SQLite database
* PRAGMA cipher_salt: retrieve or set the salt value for
the database
-------------------------------------------------------------------
Thu Apr 19 07:15:15 UTC 2018 - mpluskal@suse.com
- Cleanup with spec-cleaner
- Rename tcl binding package
- Adjust dependencies of tcl bindings
-------------------------------------------------------------------
Wed Apr 18 16:18:44 UTC 2018 - ecsos@opensuse.org
- update to 3.4.2
- Merge upstream SQLite 3.20.1
- Text strings for SQLITE_ERROR and SQLITE_NOTADB changed to
match upstream SQLite
- Remove static modifier for codec password functions
- Page alignment for mlock
- Fix segfault in sqlcipher_cipher_ctx_cmp during rekey operation
- Fix sqlcipher_export and cipher_migrate when tracing API in use
- Validate codec page size when setting
- Guard OpenSSL initialization and cleanup routines
- Allow additional linker options to be passed via command line
for Windows platforms
-------------------------------------------------------------------
Sun Mar 26 10:26:50 UTC 2017 - ecsos@opensuse.org
- update to 3.4.1
* Added support for OpenSSL 1.1.0
* Merged upstream SQLite 3.15.2
-------------------------------------------------------------------
Mon Apr 18 15:06:22 UTC 2016 - mpluskal@suse.com
- Use pretty name for tarball
-------------------------------------------------------------------
Sun Apr 17 18:27:00 UTC 2016 - ecsos@opensuse.org
- update to 3.4.0
- Added `PRAGMA cipher_provider_version`
- Merged upstream SQLite 3.11.0
- Deprecated `PRAGMA cipher` command
-------------------------------------------------------------------
Thu Feb 4 14:38:51 UTC 2016 - mpluskal@suse.com
- Use optflags
- Fix building of tcl support on SLE11
-------------------------------------------------------------------
Sun Dec 20 15:17:59 UTC 2015 - mpluskal@suse.com
- Cleanup spec file
-------------------------------------------------------------------
Sat Jul 18 08:36:19 UTC 2015 - goedhart.martijn@gmail.com
- Update to c01b94f (2015-07-13)
-------------------------------------------------------------------
Mon Oct 27 15:48:36 UTC 2014 - goedhart.martijn@gmail.com
- Update to e7b8d1f (2014-09-30)
-------------------------------------------------------------------
Tue Jun 24 10:56:35 UTC 2014 - goedhart.martijn@gmail.com
- Update to 9096584 (2014-04-23)
-------------------------------------------------------------------
Wed Dec 18 15:53:46 UTC 2013 - goedhart.martijn@gmail.com
- Update to 8d0acdb (2013-12-06)
-------------------------------------------------------------------
Wed Dec 18 15:40:13 UTC 2013 - goedhart.martijn@gmail.com
- Update to 8d0acdb (2013-12-06)
-------------------------------------------------------------------
Wed Dec 18 15:31:39 UTC 2013 - goedhart.martijn@gmail.com
- Update to 8d0acdb (2013-12-06)
